hey everyone.
ok, I am creating a flash/HTML/PHP based web game. It is going to be an MMO of sorts and I have a few questions which I have decided to bundle into this thread.
- Security.
the game is going to transmit data using the POST method from flash -> PHP. there are also going to be some AJAX components and tables within the page.
What I dont want is anyone altering and re-posting data to my PHP scripts, altering the course of the game. Would using SSL prevent this from being possible? It doesn’t need to be rock hard and impossible to break. I just dont want tampering of data being sent from client side flash to my PHP scripts.
-
Session Management.
Now I was going to rely on a PHP based login, setting some session variables and upon passing the user to the page containing the flash, the flash itself will check with PHP to see if a session variable is live, and, if it is of a valid user etc. Is this an adequate way of checking? or should I be relying on cookies to tie in a session ID? -
my flash movie is going to be an overview of the game. I have planned to have each clients flash movie contain a timer which runs every 5 seconds to request new data and update the games stats & animations. Is this going to cause issues on the server when it comes to the load & bandwidth? The only data being transferred are strings of data, not containing massive amounts. Whenever a client initiates a change in the overview, an update is fired regardless of the timer.
In theory is all of the above ok? any comments or criticism is welcome. I dont want to head into heavy development of this when I am going to realise I need to have a major re-think about some of this stuff.
Many thanks.
